Difference between revisions of "Authorization code usecase 1"
Pavel.lobko (talk | contribs) (→i2Rest Client command composing) |
Pavel.lobko (talk | contribs) (→i2Rest Client command composing) |
||
| Line 28: | Line 28: | ||
SCOPE('https://www.googleapis.com/auth/drive.file') | SCOPE('https://www.googleapis.com/auth/drive.file') | ||
</pre> | </pre> | ||
| − | :to specify Bridge mode parameters obtained on Preparations step (c). | + | :to specify <code>*BRIDGE</code> Authorization method and Bridge mode parameters obtained on Preparations step (c). |
<pre> | <pre> | ||
AUTHMETHOD(*BRIDGE) | AUTHMETHOD(*BRIDGE) | ||
Revision as of 12:12, 5 June 2020
The usecase shows how to use I2Rest Client request with Oauth2 Authorization code flow, the same result can be also achevied using Oauth2 Device flow. We will call Google Drive Api in order to get the list of existing files on "i2restexample" user Google Drive.
Contents
Preparations
The next steps are to be performed before we can compose and execute i2Rest Client command.
- a) Your application should be registered as a client (obtaining Device ID and Device Password) on Google (see details). Make sure your specify Redirection URI that matches i2Rest Bridge endpoint.
- b) Insure that you have Google SSL CA installed. Install it if needed.
- c) Register your i2Rest Client on your i2Rest Server as a client to enable "bridge mode" by setting up your i2Rest Server OAuth2 object.
i2Rest Client command composing
So what we need composing i2Rest Client command is:
- to set request method and API endpoint to values that are specified in the API method description;
I2REST COMMAND(*Get)
URL('https://www.googleapis.com/drive/v3/files')
- to specify properly configured on Preparations step (b) Certificate_Store to be able to work with SSL secured resource;
DCMCLIENT(MYCLIENT)
- to specify obtained on Preparations step (a) requisites;
AUTHID('677815701888-aj80fure8f1laqd3dqvpqtmlandni5an
.apps.googleusercontent.com')
AUTHPW(tI2ezmVGioGwrGk9K2O23Mv5)
AUTHURL('https://accounts.google.com/o/oauth2/v2/auth
')
TOKENURL('https://oauth2.googleapis.com/token')
SCOPE('https://www.googleapis.com/auth/drive.file')
- to specify
*BRIDGEAuthorization method and Bridge mode parameters obtained on Preparations step (c).
AUTHMETHOD(*BRIDGE)
BRIDGEURL('https://api.i2rest.com:22089/a2d')
BRIDGEID(OAUTH21)
BRIDGEPW(oauth21)
All the necessary parameters are specified, it's time to execute the complete command.
I2REST COMMAND(*GET)
URL('https://www.googleapis.com/drive/v3/files')
OUTPUT(*BOTH)
DCMCLIENT(MYCLIENT)
RECVLOG('/home/btpl/recv.log')
SENTLOG('/home/btpl/sent.log')
AUTHMETHOD(*BRIDGE)
TOKENS('/qsys.lib/qtemp.lib/tokens.usrspc')
AUTHID('1052056765075-qv2u4rgmhs6rgoijpribg64ffvtgdhi
6.apps.googleusercontent.com')
AUTHPW(HDXLMOqhdtnSZ5CfCZBWQOsQ)
AUTHURL('https://accounts.google.com/o/oauth2/v2/auth
')
TOKENURL('https://oauth2.googleapis.com/token')
SCOPE('https://www.googleapis.com/auth/drive.file')
BRIDGEURL('https://api.i2rest.com:22089/a2d')
BRIDGEID(OAUTH21)
BRIDGEPW(oauth21)
Authorization code flow
After the command was executed, I2Rest Client starts performing Oauth2 Authorization code flow.
Steps (A), (B) of the flow are taken behinde the scene. Step (C) will be displayed on your green screen.
Following the provided link will bring the user to I2Rest Bridge page that asks for a Bridge user code, and this is step (D).
The next two screens are the representation of step (F)
End user suggested to perform user authentication.
End user suggested to grant access to requested scope.
After the end user grant (or deny) access, he will be redirected back to i2Rest bridge as the result of step (G).
Steps (E), (H), (I), (J) of the flow does not envolve end user.
Checking the result!
Here is the result of the authorized request to Google Drive APi:
Server response (status 200, shown 214 bytes of 214):
{
"kind": "drive#fileList",
"incompleteSearch": false,
"files": [
{
"kind": "drive#file",
"id": "1b-aQhiVeXgAQZVYeftIpuBo2GCvKQzHz",
"name": "i2rest.doc",
"mimeType": "application/msword"
}
]
}
